| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1478115261-29669-1-git-send-email-agruenba@redhat.com>
Date: Wed, 2 Nov 2016 20:34:21 +0100
From: Andreas Gruenbacher <agruenba@...hat.com>
To: Casey Schaufler <casey@...aufler-ca.com>
Cc: Andreas Gruenbacher <agruenba@...hat.com>,
Al Viro <viro@...iv.linux.org.uk>,
linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org,
Stephen Smalley <sds@...ho.nsa.gov>
Subject: [PATCH] Re: Problem with setxattr on sockfs with Smack after 971df15bd54ad46e907046ff33750a137b2f0096
Casey,
does this patch help?
(The way how security xattrs are handled by LSM is pretty ugly. I'm not
convinced that it doesn't break something else, yet.)
Thanks,
Andreas
---
fs/xattr.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/fs/xattr.c b/fs/xattr.c
index 3368659..bf09836 100644
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -183,11 +183,13 @@ int __vfs_setxattr_noperm(struct dentry *dentry, const char *name,
security_inode_post_setxattr(dentry, name, value,
size, flags);
}
- } else if (issec) {
- const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
-
+ } else {
if (unlikely(is_bad_inode(inode)))
return -EIO;
+ }
+ if (issec && error == -EOPNOTSUPP) {
+ const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
+
error = security_inode_setsecurity(inode, suffix, value,
size, flags);
if (!error)
--
2.7.4
Powered by blists - more mailing lists